Firefox
Firefox open to buffer overflow

Security hole hits Firefox

Buffer overflow flaw affects all versions of the open source browser

Tom Sanders in California

vnunet.com, 12 Sep 2005

Mozilla's Firefox browser is susceptible to a buffer overflow attack that is deemed 'highly critical', users have been warned.

The flaw was discovered by security expert Tom Ferris and affects all versions of the open source browser up to 1.0.6, as well as the beta for Firefox 1.5, he reported on his website

Advertisement

The vulnerability allows an attacker to remotely execute code on a compromised system through a buffer overflow attack.

Demonstrating the vulnerability, Ferris offers a link to a page where a specially crafted URL will cause the browser to freeze and eventually crash, closing all browser windows. Microsoft's Internet Explorer is unaffected by the flaw.

Ferris reported the issue to Mozilla on 4 September, but allegedly decided to go public after a disagreement with the organisation.

Mozilla has published a patch that protects the browser against sites seeking to exploit the flaw, and has posted instructions for a manual workaround.

Firefox uses its record on security as a principal selling point in enticing users to switch from Internet Explorer. But although Microsoft's browser has been hit with a series of vulnerabilities, Firefox has also had its share of problems recently. 

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Have your say on this article

Further reading

Firefox

Spammers hack Firefox support site

Trying to send spam to the savvy

Users urged to upgrade to new version

Mozilla fixes Firefox flaws

Foundation responds quickly to security bug

Delays hit Firefox development

Next public version scheduled for September

Forgotten flaw floors Firefox

Seven year-old bug emerges in popular browser

Related whitepapers

Related jobs

Most watched

eu flag

V3.co.uk weekly debrief, 6 Nov 09

This week, Europe decides what to do with illegal file sharers

Intel unveils its micro server platform

Small-enclosure systems take aim at hosting market

More video

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

V3.co.uk Information Overload Summit starts today

We've finally cut the ribbon on V3.co.uk's inaugural Summit event...

Dirk Singer

Comment: Three steps to a social media strategy

Monitor, register and engage, says communications adviser Dirk Singer

rich media

Summit: Is the ECM industry up to the information overload challenge?

In part one of our report, we talk to EMC...

hacker

Summit: UK 'in danger of being left behind' on security

Experts warn behavioural monitoring is essential to protect sensitive data

Primary Navigation